19 Chrome Bugs Fixed in Preparation for Pwn2Own Hacking Contest

By | March 2, 2011

Nine researchers were paid a total of $14,000 in bug bounties for bringing the Chrome bugs to Google’s attention. The company then promptly patched them last Monday.

Pwn2Own, an annual hacking contest that takes place at the CanSecWest security conference in Vancouver, British Columbia, was most likely the trigger for the updates, for Google fixed security flaws a week before last year’s Pwn2Own contest as well.

16 flaws with a rating of “high” and three with a rating of “medium” were taken care of, the former of which being the second highest ranking in terms of severity in Google’s threat system. This brought Google Chrome to version 9.0.597.107.

Luckily, not a single one of the bugs were deemed as “critical” by Google. This means that none of the bugs would have allowed an attacker to possibly circumvent Chrome’s sandbox. Two such sandbox bugs have already been quashed in Google Chrome this year.

As is the case with every such update, the bug tracking database that Google uses was locked to prevent outsiders from seeing the technical details of the vulnerabilities. Google tends to unlock it after several weeks or months so users would have more time to update their web browser.

About (Author Profile)

Being passionate about software, Armin joined FavBrowser.com in early 2011 and has been actively writing ever since. Having accepted the challenge, he also enjoys watching anime, indulging in good books, staying fit and healthy, and trying new things.

Comments (3)

Trackback URL | Comments RSS Feed

  1. RamaSubbu_SK says:

    Interesting… Smart move to look more clean on the event.
    As long as they are all fixed it is good.
    Mozilla has also did the same : http://www.computerworld.com/s/article/9212479/Mozilla_follows_Google_patches_Firefox_as_prep_for_Pwn2Own

    I think, these are all pre-planned – fixing all these at the end would not give much time for hackers to understand the change and hack.

  2. psalmsninetyone says:

    you won’t find 19 bugs of any kind in opera; there’s even no conveniently timed “pre-planned” update necessary… surely, it is the safest browser (and fastest) in the world :)

    • Greg says:

      really? no bugs? safest, fastest really?
      i quit
      opera fan boys are in denial even if you show them proof